Monthly Archives: April 2012

April 19, H Security – (International) Mozilla blocklists Java on older Mac OS X systems. Mozilla blocked the Java plugin in Firefox running on versions 10.5 and earlier of Mac OS X, as these versions of Apple’s operating system will not be receiving an update to the installed Java on their systems. […]

ReadWriteWeb’s Joe Brockmeier has an interesting piece analyzing OpenStack Essex. While this isn’t an exact overlap with the kind of analysis we’re working on for Insight and Nexus, it’s a view into the social and open source dynamics of a project. Brockmeier’s article is a summary of some analysis that OpenStack contributor Mark McLoughlin assembled […]

April 18, H Security – (International) Google warns the operators of thousands of hacked web sites. The head of Google’s Webspam team announced that Google sent out a message to the webmasters of 20,000 sites informing them their sites may have been hacked. In the e-mail message, the firm warned operators that the affected sites […]

April 18, H Security – (International) Oracle patch day addresses 88 vulnerabilities. Oracle released 88 security patches as part of its scheduled April Critical Patch Update. One of the patches affects a series of vulnerabilities in the Java JRockit VM with a Common Vulnerability Scoring System (CVSS) Base Score of 10.0 — this is the […]

If you are watching our security feed, you may have noticed this IDG News Service story reporting on a critical security patch from Oracle. Since many of our customers are directly affected by this vulnerability, we thought this announcement was important enough to feature. From the story: “The upcoming patch batch includes six fixes for […]

Hackers aren’t content enough to infect your laptop, they want your phone. There’s an article over on SecurityNewsDaily that talks about some new Android malware that can take over your phone. Here’s the fun quote: “The new Android malware disguises itself in fully functional copies of apps, including “Angry Birds Space,” and hides its malicious […]

We announced that Nexus Professional added support for .NET and NuGet repositories, but I wanted to reiterate that message by supplying some very detailed instructions to walk you through the process. NuGet has quickly become the de facto way to install libraries in Visual Studio, and, in some ways, the IDE integration between Visual Studio and […]

SQL injection really bugs me. It is almost always the application developer’s fault. Once you notice that a site’s registration form breaks on apostrophes (maybe your last name is Irish), it’s often a sign that you’ll be able to throw in some SQL with that last name. Penetration testing experts use a tool like Havij: […]

April 16, IDG News Service – (International) Web site vulnerabilities fall, but hackers become more skilled. The number of coding mistakes on Web sites continues to fall, but companies are slow to fix issues that could be exploited by hackers working with improved attack tools, according to a security expert. The average number of serious […]

April 16, The H – (International) Oracle accidentally release MySQL DoS proof of concept. Oracle accidentally released a MySQL denial-of-service (DoS) proof of concept in the process of fixing the same problem. In March, the company released updates to MySQL, versions 5.5.22 and 5.1.62, which referred in their changes to “Security Fix: Bug #13510739 and […]